IPv6 IPTABLES
Features:
1. Firewall for IPv6
/etc/rc.d/init.d/ip6tables - run-script
/etc/sysconfig/ip6tables-config - system-wide config file
/sbin/ip6tables - primary tool for administering IP6Tables
/sbin/ip6tables-restore
/sbin/ip6tables-save
2. Maintains 3 default tables:
•Filter - matches IPTables(IPv4)
•Mangle - matches IPTables(IPv4)
•Raw
Usage:
1. ip6tables -L
Note: IPv6 firewall rules are administered independently of IPv4 rules
Tasks:
1. Filter inbound traffic to the remote RH5 system so that only SSH is allowed
•ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT
•ip6tables -A INPUT -j DROP
2. Block outbound traffic to the SSH port (TCP 22) on ANY remote host
•ip6tables -A OUTPUT -p tcp --dport 22 -j DROP
3. Flush ALL rules from OUTPUT chain of the Filter table
•ip6tables -F OUTPUT
4. Save rules to file, then flush rules
•ip6tables-save > ip6tables.rules.1
5. Reinstate flushed rules
•ip6tables-restore ip6tables.rules.1
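Task 1's closing rule, `ip6tables -A INPUT -j DROP`, also drops loopback traffic and ICMPv6, which IPv6 needs for Neighbor Discovery. The script below is an added example, not part of the original notes: it audits an `ip6tables-save` dump such as `ip6tables.rules.1` for that condition. The function names and both sample dumps are constructed for illustration, and the check only looks for some ICMPv6 ACCEPT rule, not for specific ICMPv6 types.

```shell
# Added example: audit an ip6tables-save dump (stdin) for a catch-all DROP in
# the filter table's INPUT chain reached before loopback and ICMPv6 are accepted.
audit_input_chain() {
  awk '
    /^\*/ { table = substr($0, 2) }          # table header: *filter, *mangle, *raw
    table != "filter" || $1 != "-A" || $2 != "INPUT" { next }
    / -i lo / && / -j ACCEPT$/ { lo = 1 }
    / -p (ipv6-icmp|icmpv6|58) / && / -j ACCEPT$/ { icmp = 1 }
    NF == 4 && $3 == "-j" && ($4 == "DROP" || $4 == "REJECT") {
      if (!lo)   { print "loopback is dropped by: " $0; bad = 1 }
      if (!icmp) { print "ICMPv6 (Neighbor Discovery) is dropped by: " $0; bad = 1 }
      exit                                   # rules after a catch-all never match
    }
    END { exit bad + 0 }                     # status 1 when a finding was printed
  '
}

# Constructed sample: the dump produced by Task 1's two rules.
sample_task1() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}

# Constructed sample: same policy with loopback and ICMPv6 accepted first
# (an assumed policy choice, not taken from the notes).
sample_fixed() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
COMMIT
EOF
}

for s in sample_task1 sample_fixed; do
  echo "== $s"; $s | audit_input_chain || echo "-> findings above"
done
```

To check a saved rule file, feed it on standard input: `audit_input_chain < ip6tables.rules.1`.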